Sharing is Healing --Ames

Notice of Privacy Practices:  Notice of Privacy Practices is posted on this web site. Clients have the option to print copies. 

Privacy Personnel:  The privacy official for Sharing Is Healing is the sole owner and operator of Sharing Is Healing, MIchelle Roling. 

Workforce Training and Management:  The owner, business partner,  and any potential employees of Sharing Is Healing are committed to attend HIPAA trainings on a regular basis in order to keep up with the current requirements. If it is discovered that there is a violation of the privacy policy and procedures or the Privacy Rule, immediate adjustments will be made, within the allowed 10 days to comply. If at any time, there are additions to the workforce such as employees, volunteers, trainees, or other persons whose conduct is under the direct control of Sharing Is Healing, training of privacy policies and procedures would occur.

Billing: Billing occurs through an on line schedule system-  psych select (therapy appointment)  You will be asked to put a credit card in additino to any HSA flex account information into theysystem.

Mitigation:  Sharing Is Healing will mitigate, to the extent practicable, any harmful effect it learns was caused by use or disclosure of protected health information by its business associates in violation of its privacy policies and procedures or the Privacy Rule.

Breach Notification Policy:  If there is a known potential breach of records such as a break in or stolen data, the steps to be taken in accordance with the Breach of Privacy Information as instructed by HIPAA and the webpage:  http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/index.html

Data Safeguards:  The administrative, technical, and physical safeguards maintained to prevent intentional or unintentional use or disclosure of protected health information are as follows:

Paper documents in the rare instance they are presented to Sharing is Healing, will be scanned into the electronic medical record (EMR) and shredded. Sharing is Healing is a paperless system.

Electronic records are kept within a password protected “cloud” system called TherapyAppointment.com.  This program allows for computers to be used at any location and this access is double password protected.  No public computer will be allowed to save any passwords for future use and each time a new computer is used, the length of access will be limited to no more than the time the computer is actually being used for TherapyAppointment.com.  Only password protected computers will be allowed to store any version of the therapyappointment.com. 

Scheduler:  The current system used for scheduling is also through TherapyAppointment.com.  Access to the scheduler is also available through a password protected process.  Procedures are the same as mentioned in the electronic record section.  Computers that are being used for scheduling will not be left where the screens can be seen by others.  Screens need to be shut down or have the information protected (called Autopilot on TherapyAppointment.com). 

Office tablet: Is utilized for EMDR sessions. No private information will be saved on the tablet unless an encryption system is in place.

Phone:  Smart phones systems will be password protected for protected limited access to call history or stored phone numbers of clients. Client phone numbers will be saved in the contact list using Z and an initialed form of reminder letters to have contacts saved at the end of the list of contacts.  If available, an encryption system will be used. When the phones are no longer in use, the stored memory of the phone will be wiped clean.

Tela therapy:  Therapyappointment houses HIPPA compliant Zoom and is utilized as the on line teletherapy modality. Michelle is a licensed clinician in Iowa and is a certified telemental health therapist. Sharing is Healing follows each state guideline regarding telatherapy procedures.  Please see the document "state regulations" to see other state's data.  

Fax/Printers/Scanners Machine:  Fax/printers/scanners are to be kept in Sharing Is Healing owner’s possession until they no longer work at which time the machine will be destroyed unless a reliable mechanism has been found to completely wipe the memory of the machine clean. 

Fax:  Current fax system to send and receive is a HIPPA compliant on line email system Ring Central.   In order for fax to be used, Client’s sign permission for both fax and email to be used on Consent for release of information.

Email:  Email account is password protected via sharingishealigames@gmail.com. Clients indicate permission for use of email in the initial client information form. TherapyAppointment.com also offers secure email for active clients.  Secure email is to be used when contacting clients as much as is possible within reason.

US Mail:  Post Office Box is used for Sharing Is Healing Ames, it is a locked box.

Complaints:  As per the Notice of Privacy Practices given to clients, the following statement is in place:

“If you feel that your privacy protections have been violated, you have the right to file a written complaint with Michelle Roling, owner and sole proprietor, or with the Department of Health and Human Services, Office of Civil Rights, 200 Independence Avenue SW, Washington DC  20201, phone number: 1 877 696 6775.  There will be no retaliation against you for filing a complaint.”

Documentation and Record Retention:  record of signed forms will be maintained as part of the client file.  These records will include privacy policies and procedures, privacy practices notices, disposition of complaints, and other actions, activities and designation that the Privacy Rule requires to be documented.